using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Collections;
using System.Data.SqlClient;
using System.Data.SqlTypes;
using System.IO;
using Microsoft.Security.Application;

namespace SecurityLinkUp
{
    public class MeetingData
    {

        public static Meeting GetMeeting(Guid MeetingID)
        {
            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("GetMeeting", conn);
                    cmd.Parameters.Add(new SqlParameter("@meetingid", MeetingID.ToString()));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    if (reader.HasRows)
                    {
                        //create a meeting object and return it
                        reader.Read();
                        Meeting m = CreateMeetingFromDBRecord(reader);
                        return m;
                    }
                    else
                    {
                        // no meeting found with that ID - return null
                        return null;
                    }
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        public static ArrayList GetChapterMeetingsBetweenDates(Guid ChapterID, DateTime StartDate, DateTime EndDate)
        {
            ArrayList ret = new ArrayList();

            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("[GetChapterMeetingsBetweenDates]", conn);
                    cmd.Parameters.Add(new SqlParameter("@ChapterID", ChapterID.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@StartDate", StartDate));
                    cmd.Parameters.Add(new SqlParameter("@EndDate", EndDate));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        //create a meeting object and add it to the array
                        Meeting m = CreateMeetingFromDBRecord(reader);
                        ret.Add(m);
                    }
                    // return what we found
                    return ret;
                    
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        public static ArrayList GetAllChapterMeetings(Guid ChapterID)
        {
            ArrayList ret = new ArrayList();

            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("GetMeetings", conn);
                    cmd.Parameters.Add(new SqlParameter("@chapterid", ChapterID.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@dateafter", DBNull.Value));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        //create a meeting object and add it to the return array
                        Meeting m = CreateMeetingFromDBRecord(reader);
                        if (m != null)
                        {
                            ret.Add(m);
                        }
                    }
                    return ret;
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        public static Meeting GetNextMeeting(Guid ChapterID)
        {
            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("GetNextMeeting", conn);
                    cmd.Parameters.Add(new SqlParameter("@chapterid", ChapterID.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@dateafter", DateTime.Now.ToShortDateString()));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    if (reader.HasRows)
                    {
                        //create a meeting object and return it
                        reader.Read();
                        Meeting m = CreateMeetingFromDBRecord(reader);
                        return m;
                    }
                    else
                    {
                        // no meeting found with that ID - return null
                        return null;
                    }
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        // gets a count of the number of meetings a chapter has 
        public static int GetChapterMeetingsCount(Guid ChapterID)
        {
            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the (active) communities
                    SqlCommand cmd = new SqlCommand("GetChapterMeetingsCount", conn);
                    cmd.Parameters.Add(new SqlParameter("@ChapterID", ChapterID.ToString()));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    if (reader.HasRows)
                    {
                        reader.Read();
                        return int.Parse(reader["count"].ToString());
                    }
                    else
                    {
                        return 0;
                    }
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return 0;
            }
        }

        public static bool DeleteMeeting(Guid MeetingID)
        {
            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("DeleteMeeting", conn);
                    cmd.Parameters.Add(new SqlParameter("@meetingid", MeetingID.ToString()));
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.ExecuteNonQuery();
                    return true;
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return false;
            }
        }
       

        #region Get/Save meeting object from/to database
        // TODO: we could probably do with limiting the scope of these functions so that
        // they cant be called directly, and you have to go through the main operation
        // functions above.  However, because we are calling these functions static, we can't
        // move them from "public"?

        // Creates a user object from a database record
        public static Meeting CreateMeetingFromDBRecord(SqlDataReader data)
        {
            //create a meeting object
            try
            {
                // grab the info from the DB
                if ((data["geolat"] == DBNull.Value) || (data["geolong"] == DBNull.Value))
                {
                    // create meeting using the "no position" method
                    Meeting m = new Meeting(new Guid(data["uid"].ToString()),
                                            new Guid(data["chapterid"].ToString()),
                                            DateTime.Parse(data["start"].ToString()),
                                            DateTime.Parse(data["end"].ToString()),
                                            data["title"].ToString(),
                                            data["description"].ToString(),
                                            new Guid (data["organizeruid"].ToString()),
                                            data["location"].ToString(),
                                            data["additionalinfo"].ToString());
                    return m;
                }
                else
                {
                    // create a meeting with position
                    Meeting m = new Meeting(new Guid(data["uid"].ToString()),
                                           new Guid(data["chapterid"].ToString()),
                                           DateTime.Parse(data["start"].ToString()),
                                           DateTime.Parse(data["end"].ToString()),
                                           data["title"].ToString(),
                                           data["description"].ToString(),
                                           new Guid(data["organizeruid"].ToString()),
                                           data["location"].ToString(),
                                           data["additionalinfo"].ToString());

                    m.SetGeoData(double.Parse(data["geolat"].ToString()),
                                 double.Parse(data["geolong"].ToString())
                                );
                    return m;
                }

            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        // saves a user object to the database
        public static string SaveMeetingToDB(Meeting m)
        {
            string connstr = Security.GetDBConnectionString();
            using (SqlConnection conn = new SqlConnection(connstr))
            {
                try
                {
                    conn.Open();
                    SqlCommand cmd = new SqlCommand("SaveMeeting", conn);
                    cmd.Parameters.Add(new SqlParameter("@ID", m.uid.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@ChapterID", m.ChapterID.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@Start", m.Start));
                    cmd.Parameters.Add(new SqlParameter("@End", m.End));
                    cmd.Parameters.Add(new SqlParameter("@Title", m.Title));
                    cmd.Parameters.Add(new SqlParameter("@Description", m.Description));
                    cmd.Parameters.Add(new SqlParameter("@Organizeruid", m.OrganizerID.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@Location", m.Location));
                    cmd.Parameters.Add(new SqlParameter("@AdditionalInfo", m.AdditionalInfo));
                    if (m.HasPosition)
                    {
                        cmd.Parameters.Add(new SqlParameter("@geolat", m.geolat));
                        cmd.Parameters.Add(new SqlParameter("@geolong", m.geolong));
                    }
                    else
                    {
                        cmd.Parameters.Add(new SqlParameter("@geolat", DBNull.Value));
                        cmd.Parameters.Add(new SqlParameter("@geolong", DBNull.Value));
                    }
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.ExecuteNonQuery();
                    return "";
                }
                catch (Exception ex)
                {
                    Log.LogException(ex);
                    return "Error saving";
                }
            }
        }

        #endregion

        public static RSVP GetRSVP(Guid MeetingID, Guid UserID)
        {
            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("GetUserRSVP", conn);
                    cmd.Parameters.Add(new SqlParameter("@MeetingID", MeetingID.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@UserID", UserID.ToString()));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    if (reader.HasRows)
                    {
                        //create a rsvp object and return it
                        reader.Read();
                        RSVP r = CreateRSVPFromDBRecord(reader);
                        return r;
                    }
                    else
                    {
                        // no rspv found - return null
                        return null;
                    }
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        public static ArrayList GetAllMeetingRSVPs(Guid MeetingID)
        {
            ArrayList ret = new ArrayList();
            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("GetAllMeetingRSVPs", conn);
                    cmd.Parameters.Add(new SqlParameter("@MeetingID", MeetingID.ToString()));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        //create a rsvp object and add it to the return array
                        RSVP r = CreateRSVPFromDBRecord(reader);
                        ret.Add(r);
                    }
                    return ret;
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        #region Get/Save RSVP object from/to database
        // TODO: we could probably do with limiting the scope of these functions so that
        // they cant be called directly, and you have to go through the main operation
        // functions above.  However, because we are calling these functions static, we can't
        // move them from "public"?

        // Creates a rsvp object from a database record
        public static RSVP CreateRSVPFromDBRecord(SqlDataReader data)
        {
            //create a rsvp object
            try
            {
                RSVP r = new RSVP(new Guid(data["MeetingID"].ToString()),
                                  new Guid(data["UserID"].ToString()),
                                  (RSVP.RSVPStatus)Enum.Parse(typeof(RSVP.RSVPStatus), 
                                  data["RSVP"].ToString()),
                                  data["Message"].ToString());
                return r;
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        // saves a rsvp object to the database
        public static string SaveRSVPToDB(RSVP r)
        {
            string connstr = Security.GetDBConnectionString();
            using (SqlConnection conn = new SqlConnection(connstr))
            {
                try
                {
                    conn.Open();
                    SqlCommand cmd = new SqlCommand("SaveRSVP", conn);
                    cmd.Parameters.Add(new SqlParameter("@MeetingID", r.MeetingID.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@UserID", r.UserID.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@RSVP", r.status.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@Message", r.message));
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.ExecuteNonQuery();
                    return "Saved";
                }
                catch (Exception ex)
                {
                    Log.LogException(ex);
                    return "Error saving";
                }
            }
        }

        #endregion

        public static Presentation GetPresentation(Guid presentationid)
        {
            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("GetPresentation", conn);
                    cmd.Parameters.Add(new SqlParameter("@uid", presentationid.ToString()));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    if (reader.HasRows)
                    {
                        //create a presentation object and return it
                        reader.Read();
                        Presentation p = CreatePresentationFromDBRecord(reader);
                        return p;
                    }
                    return null;
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        public static ArrayList GetUserPresentations(Guid userid)
        {
            ArrayList ret = new ArrayList();
            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("GetUserPresentations", conn);
                    cmd.Parameters.Add(new SqlParameter("@UserID", userid.ToString()));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        //create a presentation object and add it to the return array
                        Presentation p = CreatePresentationFromDBRecord(reader);
                        ret.Add(p);
                    }
                    return ret;
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        public static ArrayList GetMeetingPresentations(Guid meetingid)
        {
            ArrayList ret = new ArrayList();
            try
            {
                string connstr = Security.GetDBConnectionString();
                using (SqlConnection conn = new SqlConnection(connstr))
                {
                    conn.Open();
                    // setup the query to get all the chapters based on their status
                    SqlCommand cmd = new SqlCommand("GetMeetingPresentations", conn);
                    cmd.Parameters.Add(new SqlParameter("@MeetingID", meetingid.ToString()));
                    cmd.CommandType = CommandType.StoredProcedure;
                    SqlDataReader reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        //create a rsvp object and add it to the return array
                        Presentation p = CreatePresentationFromDBRecord(reader);
                        ret.Add(p);
                    }
                    return ret;
                }
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        #region Get/Save presentation object from/to database
        // TODO: we could probably do with limiting the scope of these functions so that
        // they cant be called directly, and you have to go through the main operation
        // functions above.  However, because we are calling these functions static, we can't
        // move them from "public"?

        // Creates a presentation object from a database record
        public static Presentation CreatePresentationFromDBRecord(SqlDataReader data)
        {
            //create a presentation object
            try
            {
                Presentation p = new Presentation(new Guid(data["uid"].ToString()),
                                                  new Guid(data["meetingid"].ToString()),
                                                  new Guid(data["userid"].ToString()),
                                                  data["title"].ToString(),
                                                  data["abstract"].ToString(),
                                                  data["estimatedduration"].ToString(),
                                                  data["slidedeck"].ToString(),
                                                  bool.Parse(data["accepted"].ToString()),
                                                  data["notes"].ToString(),
                                                  int.Parse(data["slotnumber"].ToString()));
                return p;
            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return null;
            }
        }

        // saves a presentation object to the database
        public static string SavePresentationToDB(Presentation p)
        {
            string connstr = Security.GetDBConnectionString();
            using (SqlConnection conn = new SqlConnection(connstr))
            {
                try
                {
                    conn.Open();
                    SqlCommand cmd = new SqlCommand("SavePresentation", conn);
                    cmd.Parameters.Add(new SqlParameter("@id", p.uid.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@meetingid", p.meetingid.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@userid", p.userid.ToString()));
                    cmd.Parameters.Add(new SqlParameter("@title", p.title));
                    cmd.Parameters.Add(new SqlParameter("@abstract", p.abstracttext));
                    cmd.Parameters.Add(new SqlParameter("@estimatedduration", p.estimatedduration));
                    cmd.Parameters.Add(new SqlParameter("@slidedeck", p.slidedeck));
                    cmd.Parameters.Add(new SqlParameter("@accepted", p.accepted));
                    cmd.Parameters.Add(new SqlParameter("@notes", p.notes));
                    cmd.Parameters.Add(new SqlParameter("@slotnumber", p.slotnumber));
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.ExecuteNonQuery();
                    return "Saved";
                }
                catch (Exception ex)
                {
                    Log.LogException(ex);
                    return "Error saving";
                }
            }
        }

        #endregion


    }

    public class Meeting
    {
        private Guid m_uid;
        private Guid m_chapterid;
        private DateTime m_start;
        private DateTime m_end;
        private string m_title;
        private string m_description;
        private Guid m_organizeruid;
        private string m_location;
        private string m_additionalinfo;
        private double m_geolat;
        private double m_geolong;
        private bool m_hasposition;

        // constructor version with no geo position
        public Meeting(Guid uid, Guid chapterid, DateTime start, DateTime end, string title, string description, Guid organizerid, string location, string additionalinfo)
        {
            m_uid = uid;
            m_chapterid = chapterid;
            m_start = start;
            m_end = end;
            m_title = title;
            m_description = description;
            m_organizeruid = organizerid;
            m_location = location;
            m_additionalinfo = additionalinfo;
            m_hasposition = false;
        }

        public void SetGeoData(double GeoLat, double GeoLong)
        {
            m_geolat = GeoLat;
            m_geolong = GeoLong;
            m_hasposition = true;
        }

        public Guid uid
        {
            get { return m_uid; }
        }

        public Guid ChapterID
        {
            get { return m_chapterid; }
            set { m_chapterid = value; }
        }

        public DateTime Start
        {
            get { return m_start; }
            set { m_start = value; }
        }

        public DateTime End
        {
            get { return m_end; }
            set { m_end = value; }
        }

        public string Title
        {
            get { return AntiXss.HtmlEncode(m_title); }
            set { m_title = value; }
        }

        public string Description
        {
            get { return AntiXss.HtmlEncode(m_description); }
            set { m_description = value; }
        }

        public Guid OrganizerID
        {
            get { return m_organizeruid; }
            set { m_organizeruid = value; }
        }

        public string Location
        {
            get { return AntiXss.HtmlEncode(m_location); }
            set { m_location = value; }
        }

        public string AdditionalInfo
        {
            get { return AntiXss.HtmlEncode(m_additionalinfo); }
            set { m_additionalinfo = value; }
        }

        public double geolat
        {
            get { return m_geolat; }
        }

        public double geolong
        {
            get { return m_geolong; }
        }

        public bool HasPosition
        {
            get { return m_hasposition; }
        }
    }

    public class RSVP
    {
        private Guid m_meetingid;
        private Guid m_userid;
        private RSVPStatus m_status;
        private string m_message;

        public enum RSVPStatus { ATTENDING, NOTATTENDING, UNSURE, NOANSWER };

        public RSVP(Guid meetingid, Guid userid, RSVPStatus status, string message)
        {
            m_meetingid = meetingid;
            m_userid = userid;
            m_status = status;
            m_message = message;
        }

        public Guid MeetingID
        {
            get { return m_meetingid; }
        }

        public Guid UserID
        {
            get { return m_userid; }
        }

        public RSVPStatus status
        {
            get { return m_status; }
            set { m_status = value; }
        }

        public string message
        {
            get { return AntiXss.HtmlEncode(m_message); }
            set { m_message = value; }
        }


    }

    public class Presentation
    {
        private Guid m_uid;
        private Guid m_meetingid;
        private Guid m_userid;
        private string m_title;
        private string m_abstracttext;
        private string m_estimatedduration;
        private string m_slidedeckfile;
        private bool m_accepted;
        private string m_notes;
        private int m_slotnumber;

        public Presentation(Guid uid, Guid meetingid, Guid userid, string title, string abstracttext, string estimatedduration, string slidedeckfile, bool accepted, string notes, int slotnumber)
        {
            m_uid = uid;
            m_meetingid = meetingid;
            m_userid = userid;
            m_title = title;
            m_abstracttext = abstracttext;
            m_estimatedduration = estimatedduration;
            m_slidedeckfile = slidedeckfile;
            m_accepted = accepted;
            m_notes = notes;
            m_slotnumber = slotnumber;
        }

        public string SavePresentationFile(HttpPostedFile uploadfile)
        {
            string presentationdir = ConfigurationManager.AppSettings["PresentationsDir"];

            try
            {
                // check the file size
                // BUGBUG: Actually, this would be really nice to do, and give a graceful error
                // but it's impossible to catch here, as IIS handles it first.  See
                // http://forums.asp.net/p/1076458/1582377.aspx for a discussion

                // check that it's a file we'll accept
                string filetypes = ConfigurationManager.AppSettings["PresentationFileTypes"];
                string[] typesarray = filetypes.Split('|');
                if (!InStringArray(typesarray, uploadfile.ContentType))
                {
                    return "The file was not one of the permitted types";
                }

                // save the file
                string ext = System.IO.Path.GetExtension(uploadfile.FileName);
                if (ext == null)
                {
                    return "No file extention was provided";
                }
                uploadfile.SaveAs(presentationdir + m_uid.ToString() + ext);

                // update the db
                m_slidedeckfile = presentationdir + m_uid + ext;
                MeetingData.SavePresentationToDB(this);
                
                // return the message
                return "Saved";

            }
            catch (Exception ex)
            {
                Log.LogException(ex);
                return "Error saving";
            }
        }

        private bool InStringArray(string[] ar, string str)
        {
            // look for match of str in ar
            for (int i = 0; i < ar.Length; i++)
            {
                if (ar[i] == str)
                {
                    return true;
                }
            }

            return false;
        }

        public Guid uid
        {
            get { return m_uid; }
        }

        public Guid meetingid
        {
            get { return m_meetingid; }
        }

        public Guid userid
        {
            get { return m_userid; }
        }

        public string title
        {
            get { return AntiXss.HtmlEncode(m_title); }
            set { m_title = value; }
        }

        public string abstracttext
        {
            get { return AntiXss.HtmlEncode(m_abstracttext); }
            set { m_abstracttext = value; }
        }

        public string estimatedduration
        {
            get { return AntiXss.HtmlEncode(m_estimatedduration); }
            set { m_estimatedduration = value; }
        }

        public bool HasSlidedeck
        {
            get { return File.Exists(m_slidedeckfile); }
        }

        public string slidedeck
        {
            get { return m_slidedeckfile; }
        }

        public string slidedeckurl
        {
            get { 
                // start off with the "on-file" location of the presentation
                string url = m_slidedeckfile;

                // remove the directory location, to just give us the file
                url = url.Replace(ConfigurationManager.AppSettings["PresentationsDir"], "");

                // add the site url and presentation prefix to form the url
                url = ConfigurationManager.AppSettings["SiteURL"] + ConfigurationManager.AppSettings["PresentationsURLPrefix"] + url;

                // return the fixed-up url
                return url;
                }
        }

        public bool accepted
        {
            get { return m_accepted; }
            set { m_accepted = value; }
        }

        public string notes
        {
            get { return AntiXss.HtmlEncode(m_notes); }
            set { m_notes = value; }
        }

        public int slotnumber
        {
            get { return m_slotnumber; }
            set { m_slotnumber = value; }
        }
    }
}
